mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
"-Synchronized-Data."
This commit is contained in:
CVE Team
parent
d89570cf79
commit
d017f0f683
@ -1,88 +1,91 @@
|
||||
{
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "security@atlassian.com",
|
||||
"DATE_PUBLIC": "2021-02-04T00:00:00",
|
||||
"ID": "CVE-2020-36235",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Jira Server",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.13.2",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.14.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.14.1",
|
||||
"version_affected": "<"
|
||||
}
|
||||
]
|
||||
}
|
||||
},{
|
||||
"product_name": "Jira Data Center",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.13.2",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.14.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.14.1",
|
||||
"version_affected": "<"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "Atlassian"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to view custom field and custom SLA names via an Information Disclosure vulnerability in the mobile site view. The affected versions are before version 8.13.2, and from version 8.14.0 before 8.14.1."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Information Disclosure"
|
||||
}
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "security@atlassian.com",
|
||||
"DATE_PUBLIC": "2021-02-04T00:00:00",
|
||||
"ID": "CVE-2020-36235",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Jira Server",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.13.2",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.14.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.14.1",
|
||||
"version_affected": "<"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Jira Data Center",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.13.2",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.14.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.14.1",
|
||||
"version_affected": "<"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "Atlassian"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://jira.atlassian.com/browse/JRASERVER-71950"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to view custom field and custom SLA names via an Information Disclosure vulnerability in the mobile site view. The affected versions are before version 8.13.2, and from version 8.14.0 before 8.14.1."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Information Disclosure"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://jira.atlassian.com/browse/JRASERVER-71950",
|
||||
"refsource": "MISC",
|
||||
"name": "https://jira.atlassian.com/browse/JRASERVER-71950"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
@ -1,104 +1,107 @@
|
||||
{
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "security@atlassian.com",
|
||||
"DATE_PUBLIC": "2021-02-04T00:00:00",
|
||||
"ID": "CVE-2020-36236",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Jira Server",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.5.11",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.6.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.13.3",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.14.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.15.0",
|
||||
"version_affected": "<"
|
||||
}
|
||||
]
|
||||
}
|
||||
},{
|
||||
"product_name": "Jira Data Center",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.5.11",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.6.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.13.3",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.14.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.15.0",
|
||||
"version_affected": "<"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "Atlassian"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the ViewWorkflowSchemes.jspa and ListWorkflows.jspa endpoints. The affected versions are before version 8.5.11, from version 8.6.0 before 8.13.3, and from version 8.14.0 before 8.15.0."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Cross-Site Scripting (XSS)"
|
||||
}
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "security@atlassian.com",
|
||||
"DATE_PUBLIC": "2021-02-04T00:00:00",
|
||||
"ID": "CVE-2020-36236",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Jira Server",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.5.11",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.6.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.13.3",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.14.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.15.0",
|
||||
"version_affected": "<"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Jira Data Center",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.5.11",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.6.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.13.3",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.14.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.15.0",
|
||||
"version_affected": "<"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "Atlassian"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://jira.atlassian.com/browse/JRASERVER-72015"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the ViewWorkflowSchemes.jspa and ListWorkflows.jspa endpoints. The affected versions are before version 8.5.11, from version 8.6.0 before 8.13.3, and from version 8.14.0 before 8.15.0."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Cross-Site Scripting (XSS)"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://jira.atlassian.com/browse/JRASERVER-72015",
|
||||
"refsource": "MISC",
|
||||
"name": "https://jira.atlassian.com/browse/JRASERVER-72015"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
@ -1,72 +1,75 @@
|
||||
{
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "security@atlassian.com",
|
||||
"DATE_PUBLIC": "2021-02-04T00:00:00",
|
||||
"ID": "CVE-2020-36237",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Jira Server",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.15.0",
|
||||
"version_affected": "<"
|
||||
}
|
||||
]
|
||||
}
|
||||
},{
|
||||
"product_name": "Jira Data Center",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.15.0",
|
||||
"version_affected": "<"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "Atlassian"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to view custom field options via an Information Disclosure vulnerability in the /rest/api/2/customFieldOption/ endpoint. The affected versions are before version 8.15.0."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Information Disclosure"
|
||||
}
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "security@atlassian.com",
|
||||
"DATE_PUBLIC": "2021-02-04T00:00:00",
|
||||
"ID": "CVE-2020-36237",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Jira Server",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.15.0",
|
||||
"version_affected": "<"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Jira Data Center",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.15.0",
|
||||
"version_affected": "<"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "Atlassian"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://jira.atlassian.com/browse/JRASERVER-72064"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to view custom field options via an Information Disclosure vulnerability in the /rest/api/2/customFieldOption/ endpoint. The affected versions are before version 8.15.0."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Information Disclosure"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://jira.atlassian.com/browse/JRASERVER-72064",
|
||||
"refsource": "MISC",
|
||||
"name": "https://jira.atlassian.com/browse/JRASERVER-72064"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
Loading…
x
Reference in New Issue
Block a user