69 matches found
Spam Campaign Abuses Atlassian Jira, Targets Government and Corporate Entities
We uncover how a campaign used Atlassian Jira Cloud to launch automated and targeted spam campaigns, exploiting trusted SaaS workflows to bypass security controls...
CVE-2021-22262
Missing access control in all GitLab versions starting from 13.12 before 14.0.9, all versions starting from 14.1 before 14.1.4, and all versions starting from 14.2 before 14.2.2 with Jira Cloud integration enabled allows Jira users without administrative privileges to add and remove Jira Connect...
EUVD-2021-0252
Malware in sbrugna...
EUVD-2021-9408
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-22262
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Missing access control in all GitLab versions starting from 13.12 before 14.0.9, all versions starting from 14.1 before 14.1.4, and all versions starting from...
CVE-2021-21371
Tenable for Jira Cloud is an open source project designed to pull Tenable.io vulnerability data, then generate Jira Tasks and sub-tasks based on the vulnerabilities' current state. It published in pypi as "tenable-jira-cloud". In tenable-jira-cloud before version 1.1.21, it is possible to run...
GitLab 13.12 < 14.0.9 / 14.1 < 14.1.4 / 14.2 < 14.2.2 (CVE-2021-22262)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Missing access control in all GitLab versions starting from 13.12 before 14.0.9, all versions starting from 14.1 before 14.1.4, and all versions starting from 14.2 before 14.2.2 with Jira Cloud...
BIT-GITLAB-2021-22262
Missing access control in all GitLab versions starting from 13.12 before 14.0.9, all versions starting from 14.1 before 14.1.4, and all versions starting from 14.2 before 14.2.2 with Jira Cloud integration enabled allows Jira users without administrative privileges to add and remove Jira Connect...
Exploit for Server-Side Request Forgery in Atlassian Jira_Data_Center
CVE-2022-26135 - Full-Read Server Side Request Forgery in Mobi...
MAL-2022-4031 Malicious code in jira-cloud-for-sketch (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6ad48f9eea0ecfefd93ce7705dbe71a99132b23d8479beb15c59d17634ee94c0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in jira-cloud-for-sketch (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6ad48f9eea0ecfefd93ce7705dbe71a99132b23d8479beb15c59d17634ee94c0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2021-22262
Missing access control in all GitLab versions starting from 13.12 before 14.0.9, all versions starting from 14.1 before 14.1.4, and all versions starting from 14.2 before 14.2.2 with Jira Cloud integration enabled allows Jira users without administrative privileges to add and remove Jira Connect...
CVE-2021-22262
Missing access control in all GitLab versions starting from 13.12 before 14.0.9, all versions starting from 14.1 before 14.1.4, and all versions starting from 14.2 before 14.2.2 with Jira Cloud integration enabled allows Jira users without administrative privileges to add and remove Jira Connect...
UBUNTU-CVE-2021-22262
Missing access control in all GitLab versions starting from 13.12 before 14.0.9, all versions starting from 14.1 before 14.1.4, and all versions starting from 14.2 before 14.2.2 with Jira Cloud integration enabled allows Jira users without administrative privileges to add and remove Jira Connect...
Improper access control
Missing access control in all GitLab versions starting from 13.12 before 14.0.9, all versions starting from 14.1 before 14.1.4, and all versions starting from 14.2 before 14.2.2 with Jira Cloud integration enabled allows Jira users without administrative privileges to add and remove Jira Connect...
CVE-2021-22262
Missing access control in all GitLab versions starting from 13.12 before 14.0.9, all versions starting from 14.1 before 14.1.4, and all versions starting from 14.2 before 14.2.2 with Jira Cloud integration enabled allows Jira users without administrative privileges to add and remove Jira Connect...
CVE-2021-22262
Missing access control in all GitLab versions starting from 13.12 before 14.0.9, all versions starting from 14.1 before 14.1.4, and all versions starting from 14.2 before 14.2.2 with Jira Cloud integration enabled allows Jira users without administrative privileges to add and remove Jira Connect...
CVE-2021-22262
The vulnerability CVE-2021-22262 affects GitLab versions with Jira Cloud integration enabled, due to missing access control that lets Jira users without admin privileges add/remove Jira Connect Namespaces via the GitLab.com Jira Cloud app configuration page. Affected versions: 13.12 before 14.0.9...
CVE-2021-22262
Removed by vendor...
PT-2021-14923 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions 13.12 through 14.0.8 GitLab versions 14.1 through 14.1.3 GitLab versions 14.2 through 14.2.1 Description: The issue concerns missing access control in GitLab with Jira Cloud integration enabled, allowing Jira users without...