From fcf351bab8d1db3c61f855cb3a73aed4918470e3 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 10 Apr 2018 09:04:45 -0400 Subject: [PATCH] - Synchronized data. --- 2017/18xxx/CVE-2017-18100.json | 64 ++++++++++++++------------- 2017/18xxx/CVE-2017-18101.json | 80 +++++++++++++++++----------------- 2017/1xxx/CVE-2017-1081.json | 2 + 2018/5xxx/CVE-2018-5227.json | 64 ++++++++++++++------------- 4 files changed, 109 insertions(+), 101 deletions(-) diff --git a/2017/18xxx/CVE-2017-18100.json b/2017/18xxx/CVE-2017-18100.json index ae017a5c14a..577c38bbc6f 100644 --- a/2017/18xxx/CVE-2017-18100.json +++ b/2017/18xxx/CVE-2017-18100.json @@ -1,61 +1,63 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@atlassian.com", - "DATE_PUBLIC": "2018-04-10T00:00:00", - "ID": "CVE-2017-18100", - "STATE": "PUBLIC" + "CVE_data_meta" : { + "ASSIGNER" : "security@atlassian.com", + "DATE_PUBLIC" : "2018-04-10T00:00:00", + "ID" : "CVE-2017-18100", + "STATE" : "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "product": { - "product_data": [ + "product" : { + "product_data" : [ { - "product_name": "Jira", - "version": { - "version_data": [ + "product_name" : "Jira", + "version" : { + "version_data" : [ { - "version_value": "7.8.1", - "version_affected": "<" + "version_affected" : "<", + "version_value" : "7.8.1" } ] } } ] }, - "vendor_name": "Atlassian" + "vendor_name" : "Atlassian" } ] } }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ { - "lang": "eng", - "value": "The agile wallboard gadget in Atlassian Jira before version 7.8.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of quick filters." + "lang" : "eng", + "value" : "The agile wallboard gadget in Atlassian Jira before version 7.8.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of quick filters." } ] }, - "problemtype": { - "problemtype_data": [ + "problemtype" : { + "problemtype_data" : [ { - "description": [ + "description" : [ { - "lang": "eng", - "value": "Cross Site Scripting (XSS)" + "lang" : "eng", + "value" : "Cross Site Scripting (XSS)" } ] } ] }, - "references": { - "reference_data": [ + "references" : { + "reference_data" : [ { - "url": "https://jira.atlassian.com/browse/JRASERVER-67106" + "name" : "https://jira.atlassian.com/browse/JRASERVER-67106", + "refsource" : "CONFIRM", + "url" : "https://jira.atlassian.com/browse/JRASERVER-67106" } ] } diff --git a/2017/18xxx/CVE-2017-18101.json b/2017/18xxx/CVE-2017-18101.json index 8a530a32722..a4c3905ed05 100644 --- a/2017/18xxx/CVE-2017-18101.json +++ b/2017/18xxx/CVE-2017-18101.json @@ -1,77 +1,79 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@atlassian.com", - "DATE_PUBLIC": "2018-04-10T00:00:00", - "ID": "CVE-2017-18101", - "STATE": "PUBLIC" + "CVE_data_meta" : { + "ASSIGNER" : "security@atlassian.com", + "DATE_PUBLIC" : "2018-04-10T00:00:00", + "ID" : "CVE-2017-18101", + "STATE" : "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "product": { - "product_data": [ + "product" : { + "product_data" : [ { - "product_name": "Jira", - "version": { - "version_data": [ + "product_name" : "Jira", + "version" : { + "version_data" : [ { - "version_value": "7.6.5", - "version_affected": "<" + "version_affected" : "<", + "version_value" : "7.6.5" }, { - "version_value": "7.7.0", - "version_affected": ">=" + "version_affected" : ">=", + "version_value" : "7.7.0" }, { - "version_value": "7.7.3", - "version_affected": "<" + "version_affected" : "<", + "version_value" : "7.7.3" }, { - "version_value": "7.8.0", - "version_affected": ">=" + "version_affected" : ">=", + "version_value" : "7.8.0" }, { - "version_value": "7.8.3", - "version_affected": "<" + "version_affected" : "<", + "version_value" : "7.8.3" } ] } } ] }, - "vendor_name": "Atlassian" + "vendor_name" : "Atlassian" } ] } }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ { - "lang": "eng", - "value": "Various administrative external system import resources in Atlassian JIRA Server (including JIRA Core) before version 7.6.5, from version 7.7.0 before version 7.7.3, from version 7.8.0 before version 7.8.3 and before version 7.9.0 allow remote attackers to run import operations and to determine if an internal service exists through missing permission checks." + "lang" : "eng", + "value" : "Various administrative external system import resources in Atlassian JIRA Server (including JIRA Core) before version 7.6.5, from version 7.7.0 before version 7.7.3, from version 7.8.0 before version 7.8.3 and before version 7.9.0 allow remote attackers to run import operations and to determine if an internal service exists through missing permission checks." } ] }, - "problemtype": { - "problemtype_data": [ + "problemtype" : { + "problemtype_data" : [ { - "description": [ + "description" : [ { - "lang": "eng", - "value": "Improper Access Control (CWE-284)" + "lang" : "eng", + "value" : "Improper Access Control (CWE-284)" } ] } ] }, - "references": { - "reference_data": [ + "references" : { + "reference_data" : [ { - "url": "https://jira.atlassian.com/browse/JRASERVER-67107" + "name" : "https://jira.atlassian.com/browse/JRASERVER-67107", + "refsource" : "CONFIRM", + "url" : "https://jira.atlassian.com/browse/JRASERVER-67107" } ] } diff --git a/2017/1xxx/CVE-2017-1081.json b/2017/1xxx/CVE-2017-1081.json index 2d35fb02054..d01d09b6ca6 100644 --- a/2017/1xxx/CVE-2017-1081.json +++ b/2017/1xxx/CVE-2017-1081.json @@ -54,6 +54,8 @@ "references" : { "reference_data" : [ { + "name" : "FreeBSD-SA-17:04", + "refsource" : "FREEBSD", "url" : "https://www.freebsd.org/security/advisories/FreeBSD-SA-17:04.ipfilter.asc" } ] diff --git a/2018/5xxx/CVE-2018-5227.json b/2018/5xxx/CVE-2018-5227.json index 0a49bda4e79..9dd2c7d230f 100644 --- a/2018/5xxx/CVE-2018-5227.json +++ b/2018/5xxx/CVE-2018-5227.json @@ -1,61 +1,63 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@atlassian.com", - "DATE_PUBLIC": "2018-04-10T00:00:00", - "ID": "CVE-2018-5227", - "STATE": "PUBLIC" + "CVE_data_meta" : { + "ASSIGNER" : "security@atlassian.com", + "DATE_PUBLIC" : "2018-04-10T00:00:00", + "ID" : "CVE-2018-5227", + "STATE" : "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "product": { - "product_data": [ + "product" : { + "product_data" : [ { - "product_name": "Atlassian Application Links", - "version": { - "version_data": [ + "product_name" : "Atlassian Application Links", + "version" : { + "version_data" : [ { - "version_value": "5.4.4", - "version_affected": "<" + "version_affected" : "<", + "version_value" : "5.4.4" } ] } } ] }, - "vendor_name": "Atlassian" + "vendor_name" : "Atlassian" } ] } }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ { - "lang": "eng", - "value": "Various administrative application link resources in Atlassian Application Links before version 5.4.4 allow remote attackers with administration rights to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the display url of a configured application link." + "lang" : "eng", + "value" : "Various administrative application link resources in Atlassian Application Links before version 5.4.4 allow remote attackers with administration rights to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the display url of a configured application link." } ] }, - "problemtype": { - "problemtype_data": [ + "problemtype" : { + "problemtype_data" : [ { - "description": [ + "description" : [ { - "lang": "eng", - "value": "Cross Site Scripting (XSS)" + "lang" : "eng", + "value" : "Cross Site Scripting (XSS)" } ] } ] }, - "references": { - "reference_data": [ + "references" : { + "reference_data" : [ { - "url": "https://ecosystem.atlassian.net/browse/APL-1361" + "name" : "https://ecosystem.atlassian.net/browse/APL-1361", + "refsource" : "CONFIRM", + "url" : "https://ecosystem.atlassian.net/browse/APL-1361" } ] }