mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
85 lines
3.1 KiB
JSON
85 lines
3.1 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "security@atlassian.com",
|
|
"DATE_PUBLIC": "2019-05-08T00:00:00",
|
|
"ID": "CVE-2019-8442",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "Atlassian",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Jira",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "7.13.4",
|
|
"version_affected": "<"
|
|
},
|
|
{
|
|
"version_value": "8.0.0",
|
|
"version_affected": ">="
|
|
},
|
|
{
|
|
"version_value": "8.0.4",
|
|
"version_affected": "<"
|
|
},
|
|
{
|
|
"version_value": "8.1.0",
|
|
"version_affected": ">="
|
|
},
|
|
{
|
|
"version_value": "8.1.1",
|
|
"version_affected": "<"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "The CachingResourceDownloadRewriteRule class in Jira before version 7.13.4, and from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers to access files in the Jira webroot under the META-INF directory via a lax path access check."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Information Exposure"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://jira.atlassian.com/browse/JRASERVER-69241",
|
|
"refsource": "MISC",
|
|
"name": "https://jira.atlassian.com/browse/JRASERVER-69241"
|
|
},
|
|
{
|
|
"refsource": "BID",
|
|
"name": "108460",
|
|
"url": "http://www.securityfocus.com/bid/108460"
|
|
}
|
|
]
|
|
}
|
|
} |