Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Jira_server
(Atlassian)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 133 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-02-06 | CVE-2019-20400 | The usage of Tomcat in Jira before version 8.5.2 allows local attackers with permission to write a dll file to a directory in the global path environmental variable can inject code into via a DLL hijacking vulnerability. | Jira_server | 7.8 | ||
| 2020-02-06 | CVE-2019-20401 | Various installation setup resources in Jira before version 8.5.2 allow remote attackers to configure a Jira instance, which has not yet finished being installed, via Cross-site request forgery (CSRF) vulnerabilities. | Jira_server | 6.5 | ||
| 2020-07-13 | CVE-2019-20901 | The login.jsp resource in Jira before version 8.5.2, and from version 8.6.0 before version 8.6.1 allows remote attackers to redirect users to a different website which they may use as part of performing a phishing attack via an open redirect in the os_destination parameter. | Jira, Jira_server | 6.1 |