Lucene search
AtlassianCVELIST:CVE-2019-20899HistoryMar 23, 2020 - 12:00 a.m.
CVE-2019-20899
2020-03-2300:00:00
atlassian
www.cve.org
The Gadget API in Atlassian Jira Server and Data Center in affected versions allows remote attackers to make Jira unresponsive via repeated requests to a certain endpoint in the Gadget API. The affected versions are before version 8.5.4, and from version 8.6.0 before 8.6.1.
CNA Affected
[
{
"product": "Jira Server",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "8.5.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "8.6.0",
"versionType": "custom"
},
{
"lessThan": "8.6.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2019-20899
2020-07-13 01:15:13
nvd
nvd
CVE-2019-20899
2020-07-13 01:15:13
atlassian
atlassian
DoS through Jira Gadget API - CVE-2019-20899
2020-03-23 01:50:27
DoS through Jira Gadget API - CVE-2019-20899
2020-03-23 01:50:27
prion
prion
Code injection
2020-07-13 01:15:00
nessus
nessus