454 matches found
Information Disclosure org.eclipse.jetty:jetty-util Dependency in Crowd Data Center and Server
This High severity org.eclipse.jetty:jetty-util Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This org.eclipse.jetty:jetty-util Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...
Security Misconfiguration org.eclipse.jetty:jetty-server Dependency in Crowd Data Center and Server
This High severity org.eclipse.jetty:jetty-server Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This org.eclipse.jetty:jetty-server Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...
DoS (Denial of Service) org.eclipse.jetty:jetty-io Dependency in Crowd Data Center and Server
This High severity org.eclipse.jetty:jetty-io Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This org.eclipse.jetty:jetty-io Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...
Injection com.fasterxml.jackson.core:jackson-databind Dependency in Crowd Data Center and Server
This High severity com.fasterxml.jackson.core:jackson-databind Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This com.fasterxml.jackson.core:jackson-databind Dependency vulnerability, with a CVSS Score of 8.1 and a CVSS Vector of...
Injection com.fasterxml.jackson.core:jackson-databind Dependency in Crowd Data Center and Server
This High severity com.fasterxml.jackson.core:jackson-databind Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This com.fasterxml.jackson.core:jackson-databind Dependency vulnerability, with a CVSS Score of 8.1 and a CVSS Vector of...
Injection com.fasterxml.jackson.core:jackson-databind Dependency in Crowd Data Center and Server
This High severity com.fasterxml.jackson.core:jackson-databind Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This com.fasterxml.jackson.core:jackson-databind Dependency vulnerability, with a CVSS Score of 8.1 and a CVSS Vector of...
Injection com.fasterxml.jackson.core:jackson-databind Dependency in Crowd Data Center and Server
This High severity com.fasterxml.jackson.core:jackson-databind Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This com.fasterxml.jackson.core:jackson-databind Dependency vulnerability, with a CVSS Score of 8.1 and a CVSS Vector of...
Injection com.fasterxml.jackson.core:jackson-databind Dependency in Crowd Data Center and Server
This High severity com.fasterxml.jackson.core:jackson-databind Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This com.fasterxml.jackson.core:jackson-databind Dependency vulnerability, with a CVSS Score of 8.1 and a CVSS Vector of...
Injection com.fasterxml.jackson.core:jackson-databind Dependency in Crowd Data Center and Server
This High severity com.fasterxml.jackson.core:jackson-databind Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This com.fasterxml.jackson.core:jackson-databind Dependency vulnerability, with a CVSS Score of 8.8 and a CVSS Vector of...
Injection com.fasterxml.jackson.core:jackson-databind Dependency in Crowd Data Center and Server
This High severity com.fasterxml.jackson.core:jackson-databind Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This com.fasterxml.jackson.core:jackson-databind Dependency vulnerability, with a CVSS Score of 8.8 and a CVSS Vector of...
Injection com.fasterxml.jackson.core:jackson-databind Dependency in Crowd Data Center and Server
This High severity com.fasterxml.jackson.core:jackson-databind Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This com.fasterxml.jackson.core:jackson-databind Dependency vulnerability, with a CVSS Score of 8.8 and a CVSS Vector of...
Injection com.fasterxml.jackson.core:jackson-databind Dependency in Crowd Data Center and Server
This High severity com.fasterxml.jackson.core:jackson-databind Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This com.fasterxml.jackson.core:jackson-databind Dependency vulnerability, with a CVSS Score of 8.8 and a CVSS Vector of...
Injection com.fasterxml.jackson.core:jackson-databind Dependency in Crowd Data Center and Server
This High severity com.fasterxml.jackson.core:jackson-databind Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This com.fasterxml.jackson.core:jackson-databind Dependency vulnerability, with a CVSS Score of 8.8 and a CVSS Vector of...
Injection com.fasterxml.jackson.core:jackson-databind Dependency in Crowd Data Center and Server
This High severity com.fasterxml.jackson.core:jackson-databind Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This com.fasterxml.jackson.core:jackson-databind Dependency vulnerability, with a CVSS Score of 8.8 and a CVSS Vector of...
Improper Authorization org.springframework.security:spring-security-core Dependency in Crowd Data Center and Server
This High severity org.springframework.security:spring-security-core Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This org.springframework.security:spring-security-core Dependency vulnerability, with a CVSS Score of 8.2 and a CVSS...
Jira redirects the users back to the login page when SSO is used with Crowd
h3. Issue Summary Jira redirects the users back to the login page when SSO is used with Crowd when SSOSeraphAuthenticator is enabled in the seraph-config.xml. It works fine when Crowd is not used when JiraSeraphAuthenticator is enabled. This is reproducible on Data Center: Yes h3. Steps to...
Atlassian Crowd 3.4.x < 5.1.6 / 5.2.1 RCE (CWD-6139)
The version of Atlassian Crowd installed on the remote host is 3.4.x prior to 5.1.6, or 5.2.x prior to 5.2.1. It is, therefore, affected by a remote execution vulnerability. An authenticated, remote attacker can exploit this, to execute arbitrary code which has high impact to confidentiality, hig...
Request Smuggling org.apache.tomcat:tomcat-catalina Dependency in Crowd Data Center and Server
This High severity org.apache.tomcat:tomcat-catalina Dependency vulnerability was introduced in all versions of Crowd Data Center and Server before 5.0.10, 5.1.8 and 5.2.3. This org.apache.tomcat:tomcat-catalina Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...
CVE-2024-21907
creationtimestamp| type| source ---|---|--- 2024-01-03 17:26:52+00:00| seen| https://t.me/ctinow/162475 2024-01-04 01:36:14+00:00| seen| https://t.me/cibsecurity/74324 2024-01-08 15:12:27+00:00| seen| https://t.me/arpsyndicate/2652 2024-01-23 16:56:42+00:00| seen| https://t.me/ctinow/172119...
Info Disclosure org.apache.santuario:xmlsec Dependency in Crowd Data Center and Server
This High severity org.apache.santuario:xmlsec Dependency vulnerability was introduced in all versions of Crowd Data Center and Server before 5.2.2 This org.apache.santuario:xmlsec Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N...