mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
"-Synchronized-Data."
This commit is contained in:
CVE Team
parent
b652721180
commit
c53722f26b
@ -1,105 +1,107 @@
|
||||
{
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "security@atlassian.com",
|
||||
"DATE_PUBLIC": "2021-04-01T00:00:00",
|
||||
"ID": "CVE-2020-36238",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Jira Server",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.5.13",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.6.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.13.5",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.14.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.15.1",
|
||||
"version_affected": "<"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Jira Data Center",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.5.13",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.6.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.13.5",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.14.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.15.1",
|
||||
"version_affected": "<"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "Atlassian"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The /rest/api/1.0/render resource in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous attackers to determine if a username is valid or not via a missing permissions check."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Incorrect Authorization (CWE-863)"
|
||||
}
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "security@atlassian.com",
|
||||
"DATE_PUBLIC": "2021-04-01T00:00:00",
|
||||
"ID": "CVE-2020-36238",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Jira Server",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.5.13",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.6.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.13.5",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.14.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.15.1",
|
||||
"version_affected": "<"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Jira Data Center",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.5.13",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.6.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.13.5",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.14.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.15.1",
|
||||
"version_affected": "<"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "Atlassian"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://jira.atlassian.com/browse/JRASERVER-72249"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The /rest/api/1.0/render resource in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous attackers to determine if a username is valid or not via a missing permissions check."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Incorrect Authorization (CWE-863)"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://jira.atlassian.com/browse/JRASERVER-72249",
|
||||
"refsource": "MISC",
|
||||
"name": "https://jira.atlassian.com/browse/JRASERVER-72249"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
@ -258,6 +258,11 @@
|
||||
"refsource": "MLIST",
|
||||
"name": "[zookeeper-issues] 20210331 [jira] [Resolved] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295",
|
||||
"url": "https://lists.apache.org/thread.html/re6207ebe2ca4d44f2a6deee695ad6f27fd29d78980f1d46ed1574f91@%3Cissues.zookeeper.apache.org%3E"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://lists.apache.org/thread.html/r2e93ce23e04c3f0a61e987d1111d0695cb668ac4ec4edbf237bd3e80@%3Ccommits.servicecomb.apache.org%3E",
|
||||
"url": "https://lists.apache.org/thread.html/r2e93ce23e04c3f0a61e987d1111d0695cb668ac4ec4edbf237bd3e80@%3Ccommits.servicecomb.apache.org%3E"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -1,105 +1,107 @@
|
||||
{
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "security@atlassian.com",
|
||||
"DATE_PUBLIC": "2021-04-01T00:00:00",
|
||||
"ID": "CVE-2021-26071",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Jira Server",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.5.13",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.6.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.13.5",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.14.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.15.1",
|
||||
"version_affected": "<"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Jira Data Center",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.5.13",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.6.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.13.5",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.14.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.15.1",
|
||||
"version_affected": "<"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "Atlassian"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The SetFeatureEnabled.jspa resource in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous attackers to enable and disable Jira Software configuration via a cross-site request forgery (CSRF) vulnerability."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Cross-Site Request Forgery (CSRF)"
|
||||
}
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "security@atlassian.com",
|
||||
"DATE_PUBLIC": "2021-04-01T00:00:00",
|
||||
"ID": "CVE-2021-26071",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Jira Server",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.5.13",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.6.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.13.5",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.14.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.15.1",
|
||||
"version_affected": "<"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Jira Data Center",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.5.13",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.6.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.13.5",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.14.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.15.1",
|
||||
"version_affected": "<"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "Atlassian"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://jira.atlassian.com/browse/JRASERVER-72233"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The SetFeatureEnabled.jspa resource in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous attackers to enable and disable Jira Software configuration via a cross-site request forgery (CSRF) vulnerability."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Cross-Site Request Forgery (CSRF)"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://jira.atlassian.com/browse/JRASERVER-72233",
|
||||
"refsource": "MISC",
|
||||
"name": "https://jira.atlassian.com/browse/JRASERVER-72233"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
18
2021/29xxx/CVE-2021-29921.json
Normal file
18
2021/29xxx/CVE-2021-29921.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2021-29921",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
18
2021/29xxx/CVE-2021-29922.json
Normal file
18
2021/29xxx/CVE-2021-29922.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2021-29922",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
18
2021/29xxx/CVE-2021-29923.json
Normal file
18
2021/29xxx/CVE-2021-29923.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2021-29923",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
18
2021/29xxx/CVE-2021-29924.json
Normal file
18
2021/29xxx/CVE-2021-29924.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2021-29924",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
18
2021/29xxx/CVE-2021-29925.json
Normal file
18
2021/29xxx/CVE-2021-29925.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2021-29925",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
18
2021/29xxx/CVE-2021-29926.json
Normal file
18
2021/29xxx/CVE-2021-29926.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2021-29926",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
18
2021/29xxx/CVE-2021-29927.json
Normal file
18
2021/29xxx/CVE-2021-29927.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2021-29927",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
Loading…
x
Reference in New Issue
Block a user