admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-10 02:04:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2018-04-10 09:04:45 -04:00
parent 5cf1f19852
commit fcf351bab8
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
4 changed files with 109 additions and 101 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

64
2017/18xxx/CVE-2017-18100.json
View File

@ -1,61 +1,63 @@
{
"CVE_data_meta": {
"ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC": "2018-04-10T00:00:00",
"ID": "CVE-2017-18100",
"STATE": "PUBLIC"
"CVE_data_meta" : {
"ASSIGNER" : "security@atlassian.com",
"DATE_PUBLIC" : "2018-04-10T00:00:00",
"ID" : "CVE-2017-18100",
"STATE" : "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product": {
"product_data": [
"product" : {
"product_data" : [
{
"product_name": "Jira",
"version": {
"version_data": [
"product_name" : "Jira",
"version" : {
"version_data" : [
{
"version_value": "7.8.1",
"version_affected": "<"
"version_affected" : "<",
"version_value" : "7.8.1"
}
]
}
}
]
},
"vendor_name": "Atlassian"
"vendor_name" : "Atlassian"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang": "eng",
"value": "The agile wallboard gadget in Atlassian Jira before version 7.8.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of quick filters."
"lang" : "eng",
"value" : "The agile wallboard gadget in Atlassian Jira before version 7.8.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of quick filters."
}
]
},
"problemtype": {
"problemtype_data": [
"problemtype" : {
"problemtype_data" : [
{
"description": [
"description" : [
{
"lang": "eng",
"value": "Cross Site Scripting (XSS)"
"lang" : "eng",
"value" : "Cross Site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
"references" : {
"reference_data" : [
{
"url": "https://jira.atlassian.com/browse/JRASERVER-67106"
"name" : "https://jira.atlassian.com/browse/JRASERVER-67106",
"refsource" : "CONFIRM",
"url" : "https://jira.atlassian.com/browse/JRASERVER-67106"
}
]
}

80
2017/18xxx/CVE-2017-18101.json
View File

@ -1,77 +1,79 @@
{
"CVE_data_meta": {
"ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC": "2018-04-10T00:00:00",
"ID": "CVE-2017-18101",
"STATE": "PUBLIC"
"CVE_data_meta" : {
"ASSIGNER" : "security@atlassian.com",
"DATE_PUBLIC" : "2018-04-10T00:00:00",
"ID" : "CVE-2017-18101",
"STATE" : "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product": {
"product_data": [
"product" : {
"product_data" : [
{
"product_name": "Jira",
"version": {
"version_data": [
"product_name" : "Jira",
"version" : {
"version_data" : [
{
"version_value": "7.6.5",
"version_affected": "<"
"version_affected" : "<",
"version_value" : "7.6.5"
},
{
"version_value": "7.7.0",
"version_affected": ">="
"version_affected" : ">=",
"version_value" : "7.7.0"
},
{
"version_value": "7.7.3",
"version_affected": "<"
"version_affected" : "<",
"version_value" : "7.7.3"
},
{
"version_value": "7.8.0",
"version_affected": ">="
"version_affected" : ">=",
"version_value" : "7.8.0"
},
{
"version_value": "7.8.3",
"version_affected": "<"
"version_affected" : "<",
"version_value" : "7.8.3"
}
]
}
}
]
},
"vendor_name": "Atlassian"
"vendor_name" : "Atlassian"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang": "eng",
"value": "Various administrative external system import resources in Atlassian JIRA Server (including JIRA Core) before version 7.6.5, from version 7.7.0 before version 7.7.3, from version 7.8.0 before version 7.8.3 and before version 7.9.0 allow remote attackers to run import operations and to determine if an internal service exists through missing permission checks."
"lang" : "eng",
"value" : "Various administrative external system import resources in Atlassian JIRA Server (including JIRA Core) before version 7.6.5, from version 7.7.0 before version 7.7.3, from version 7.8.0 before version 7.8.3 and before version 7.9.0 allow remote attackers to run import operations and to determine if an internal service exists through missing permission checks."
}
]
},
"problemtype": {
"problemtype_data": [
"problemtype" : {
"problemtype_data" : [
{
"description": [
"description" : [
{
"lang": "eng",
"value": "Improper Access Control (CWE-284)"
"lang" : "eng",
"value" : "Improper Access Control (CWE-284)"
}
]
}
]
},
"references": {
"reference_data": [
"references" : {
"reference_data" : [
{
"url": "https://jira.atlassian.com/browse/JRASERVER-67107"
"name" : "https://jira.atlassian.com/browse/JRASERVER-67107",
"refsource" : "CONFIRM",
"url" : "https://jira.atlassian.com/browse/JRASERVER-67107"
}
]
}

2
2017/1xxx/CVE-2017-1081.json
View File

@ -54,6 +54,8 @@
"references" : {
"reference_data" : [
{
"name" : "FreeBSD-SA-17:04",
"refsource" : "FREEBSD",
"url" : "https://www.freebsd.org/security/advisories/FreeBSD-SA-17:04.ipfilter.asc"
}
]

64
2018/5xxx/CVE-2018-5227.json
View File

@ -1,61 +1,63 @@
{
"CVE_data_meta": {
"ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC": "2018-04-10T00:00:00",
"ID": "CVE-2018-5227",
"STATE": "PUBLIC"
"CVE_data_meta" : {
"ASSIGNER" : "security@atlassian.com",
"DATE_PUBLIC" : "2018-04-10T00:00:00",
"ID" : "CVE-2018-5227",
"STATE" : "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product": {
"product_data": [
"product" : {
"product_data" : [
{
"product_name": "Atlassian Application Links",
"version": {
"version_data": [
"product_name" : "Atlassian Application Links",
"version" : {
"version_data" : [
{
"version_value": "5.4.4",
"version_affected": "<"
"version_affected" : "<",
"version_value" : "5.4.4"
}
]
}
}
]
},
"vendor_name": "Atlassian"
"vendor_name" : "Atlassian"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang": "eng",
"value": "Various administrative application link resources in Atlassian Application Links before version 5.4.4 allow remote attackers with administration rights to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the display url of a configured application link."
"lang" : "eng",
"value" : "Various administrative application link resources in Atlassian Application Links before version 5.4.4 allow remote attackers with administration rights to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the display url of a configured application link."
}
]
},
"problemtype": {
"problemtype_data": [
"problemtype" : {
"problemtype_data" : [
{
"description": [
"description" : [
{
"lang": "eng",
"value": "Cross Site Scripting (XSS)"
"lang" : "eng",
"value" : "Cross Site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
"references" : {
"reference_data" : [
{
"url": "https://ecosystem.atlassian.net/browse/APL-1361"
"name" : "https://ecosystem.atlassian.net/browse/APL-1361",
"refsource" : "CONFIRM",
"url" : "https://ecosystem.atlassian.net/browse/APL-1361"
}
]
}