Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Crucible
(Atlassian)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 52 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-06-28 | CVE-2017-16859 | The review attachment resource in Atlassian Fisheye and Crucible before version 4.3.2, from version 4.4.0 before 4.4.3 and before version 4.5.0 allows remote attackers to read files contained within context path of the running application through a path traversal vulnerability in the command parameter. | Crucible, Fisheye | 6.5 | ||
| 2017-11-29 | CVE-2017-14591 | Atlassian Fisheye and Crucible versions less than 4.4.3 and version 4.5.0 are vulnerable to argument injection through filenames in Mercurial repositories, allowing attackers to execute arbitrary code on a system running the impacted software. | Crucible, Fisheye | 9.0 |