admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-12 02:05:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2018-02-15 08:03:08 -05:00
parent 37a14dd382
commit 974fd2d182
No known key found for this signature in database
GPG Key ID: 3504EC0FB4B2FE56
2 changed files with 64 additions and 64 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
2017/18xxx/CVE-2017-18087.json
View File

@ -1,20 +1,20 @@
{
"CVE_data_meta": {
"ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC": "2018-02-15T00:00:00",
"ID": "CVE-2017-18087",
"STATE": "PUBLIC"
"CVE_data_meta" : {
"ASSIGNER" : "security@atlassian.com",
"DATE_PUBLIC" : "2018-02-15T00:00:00",
"ID" : "CVE-2017-18087",
"STATE" : "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product": {
"product_data": [
"product" : {
"product_data" : [
{
"product_name": "Bitbucket Server",
"version": {
"version_data": [
"product_name" : "Bitbucket Server",
"version" : {
"version_data" : [
{
"version_value" : "from 5.1.0 prior to 5.1.7"
},
@ -32,38 +32,38 @@
}
]
},
"vendor_name": "Atlassian"
"vendor_name" : "Atlassian"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang": "eng",
"value": "The download commit resource in Atlassian Bitbucket Server from version 5.1.0 before version 5.1.7, from version 5.2.0 before version 5.2.5, from version 5.3.0 before version 5.3.3 and from version 5.4.0 before version 5.4.1 allows remote attackers to write files to disk potentially allowing them to gain code execution, exploit CVE-2017-1000117 if a vulnerable version of git is in use, and or determine if an internal service exists via an argument injection vulnerability in the at parameter."
"lang" : "eng",
"value" : "The download commit resource in Atlassian Bitbucket Server from version 5.1.0 before version 5.1.7, from version 5.2.0 before version 5.2.5, from version 5.3.0 before version 5.3.3 and from version 5.4.0 before version 5.4.1 allows remote attackers to write files to disk potentially allowing them to gain code execution, exploit CVE-2017-1000117 if a vulnerable version of git is in use, and or determine if an internal service exists via an argument injection vulnerability in the at parameter."
}
]
},
"problemtype": {
"problemtype_data": [
"problemtype" : {
"problemtype_data" : [
{
"description": [
"description" : [
{
"lang": "eng",
"value": "Argument Injection"
"lang" : "eng",
"value" : "Argument Injection"
}
]
}
]
},
"references": {
"reference_data": [
"references" : {
"reference_data" : [
{
"url": "https://jira.atlassian.com/browse/BSERV-10593"
"url" : "https://jira.atlassian.com/browse/BSERV-10593"
}
]
}

70
2017/18xxx/CVE-2017-18088.json
View File

@ -1,75 +1,75 @@
{
"CVE_data_meta": {
"ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC": "2018-02-15T00:00:00",
"ID": "CVE-2017-18088",
"STATE": "PUBLIC"
"CVE_data_meta" : {
"ASSIGNER" : "security@atlassian.com",
"DATE_PUBLIC" : "2018-02-15T00:00:00",
"ID" : "CVE-2017-18088",
"STATE" : "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product": {
"product_data": [
"product" : {
"product_data" : [
{
"product_name": "Bitbucket Server",
"version": {
"version_data": [
"product_name" : "Bitbucket Server",
"version" : {
"version_data" : [
{
"version_value": "prior to version 5.3.7"
"version_value" : "prior to version 5.3.7"
},
{
"version_value": "from version 5.4.0 prior to 5.4.6"
"version_value" : "from version 5.4.0 prior to 5.4.6"
},
{
"version_value": "from version 5.5.0 prior to 5.5.6"
"version_value" : "from version 5.5.0 prior to 5.5.6"
},
{
"version_value": "from version 5.6.0 prior to 5.6.3"
"version_value" : "from version 5.6.0 prior to 5.6.3"
},
{
"version_value": "from version 5.7.0 prior to 5.7.1"
"version_value" : "from version 5.7.0 prior to 5.7.1"
},
{
"version_value": "prior to 5.8.0"
"version_value" : "prior to 5.8.0"
}
]
}
}
]
},
"vendor_name": "Atlassian"
"vendor_name" : "Atlassian"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang": "eng",
"value": "Various plugin servlet resources in Atlassian Bitbucket Server before version 5.3.7 (the fixed version for 5.3.x), from version 5.4.0 before 5.4.6 (the fixed version for 5.4.x), from version 5.5.0 before 5.5.6 (the fixed version for 5.5.x), from version 5.6.0 before 5.6.3 (the fixed version for 5.6.x), from version 5.7.0 before 5.7.1 (the fixed version for 5.7.x) and before 5.8.0 allow remote attackers to conduct clickjacking attacks via framing various resources that lacked clickjacking protection."
"lang" : "eng",
"value" : "Various plugin servlet resources in Atlassian Bitbucket Server before version 5.3.7 (the fixed version for 5.3.x), from version 5.4.0 before 5.4.6 (the fixed version for 5.4.x), from version 5.5.0 before 5.5.6 (the fixed version for 5.5.x), from version 5.6.0 before 5.6.3 (the fixed version for 5.6.x), from version 5.7.0 before 5.7.1 (the fixed version for 5.7.x) and before 5.8.0 allow remote attackers to conduct clickjacking attacks via framing various resources that lacked clickjacking protection."
}
]
},
"problemtype": {
"problemtype_data": [
"problemtype" : {
"problemtype_data" : [
{
"description": [
"description" : [
{
"lang": "eng",
"value": "Clickjacking"
"lang" : "eng",
"value" : "Clickjacking"
}
]
}
]
},
"references": {
"reference_data": [
"references" : {
"reference_data" : [
{
"url": "https://jira.atlassian.com/browse/BSERV-10594"
"url" : "https://jira.atlassian.com/browse/BSERV-10594"
}
]
}