mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
Auto-merge PR#5387
Auto-merge PR#5387
This commit is contained in:
CVE Team
GitHub
commit
12a03dd9e9
@ -1,18 +1,192 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-0540",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "security@atlassian.com",
|
||||
"DATE_PUBLIC": "2022-04-20T00:00:00",
|
||||
"ID": "CVE-2022-0540",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Jira Core Server",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.13.18",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.14.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.20.6",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.21.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.22.0",
|
||||
"version_affected": "<"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Jira Software Server",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.13.18",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.14.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.20.6",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.21.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.22.0",
|
||||
"version_affected": "<"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Jira Software Data Center",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.13.18",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.14.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.20.6",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.21.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.22.0",
|
||||
"version_affected": "<"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Jira Service Management Server",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "4.13.18",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "4.14.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "4.20.6",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "4.21.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "4.22.0",
|
||||
"version_affected": "<"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Jira Service Management Data Center",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "4.13.18",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "4.14.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "4.20.6",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "4.21.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "4.22.0",
|
||||
"version_affected": "<"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "Atlassian"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability in Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions before 8.13.18, versions 8.14.0 and later before 8.20.6, and versions 8.21.0 and later before 8.22.0. This also affects Atlassian Jira Service Management Server and Data Center versions before 4.13.18, versions 4.14.0 and later before 4.20.6, and versions 4.21.0 and later before 4.22.0."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Improper Authentication"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://confluence.atlassian.com/display/JIRA/Jira+Security+Advisory+2022-04-20"
|
||||
},
|
||||
{
|
||||
"url": "https://jira.atlassian.com/browse/JRASERVER-73650"
|
||||
},
|
||||
{
|
||||
"url": "https://jira.atlassian.com/browse/JSDSERVER-11224"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,18 +1,97 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "security@atlassian.com",
|
||||
"DATE_PUBLIC": "2022-03-24T23:00:00",
|
||||
"ID": "CVE-2022-26133",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Bitbucket Data Center",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "5.14.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "7.6.14",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "7.7.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "7.17.6",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "7.18.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "7.18.4",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "7.19.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "7.19.4",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "7.20.0",
|
||||
"version_affected": "="
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "Atlassian"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "SharedSecretClusterAuthenticator in Atlassian Bitbucket Data Center versions 5.14.0 and later before 7.6.14, 7.7.0 and later prior to 7.17.6, 7.18.0 and later prior to 7.18.4, 7.19.0 and later prior to 7.19.4, and 7.20.0 allow a remote, unauthenticated attacker to execute arbitrary code via Java deserialization."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Deserialization of untrusted data"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://jira.atlassian.com/browse/BSERV-13173"
|
||||
},
|
||||
{
|
||||
"url": "https://confluence.atlassian.com/security/multiple-products-security-advisory-hazelcast-vulnerable-to-remote-code-execution-cve-2016-10750-1116292387.html"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user