EUVD-2017-9241
Malware in sbrugna...
EUVD-2021-25563
Malware in sbrugna...
Fedora: Security Advisory for rust-jql (FEDORA-2024-40ee18b2e7)
The remote host is missing an update for the...
[SECURITY] Fedora 39 Update: rust-jql-7.1.2-3.fc39
Jql - JSON Query Language - is a fast and simple command-line tool to manipulate JSON data...
Fedora: Security Advisory for rust-jql (FEDORA-2024-ce2936b568)
The remote host is missing an update for the...
[SECURITY] Fedora 40 Update: rust-jql-7.1.2-3.fc40
Jql - JSON Query Language - is a fast and simple command-line tool to manipulate JSON data...
Users with no "Browse Users permissions" are able to fetch issues which are assigned to another user or reported by other user using advanced search filter
h3. Issue Summary Users with no "Browse Users permissions" are able to fetch issues which are assigned to another user or reported by other user using advanced search filter. This is reproducible on Data Center: yes h3. Steps to Reproduce Log into JIRA with a user which does not have Browse Users...
Atlassian Jira 7.0.0 < 7.6.7 Broken Jql Filter For Webhooks
According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is version 7.0.x prior to 7.6.7 or 7.7.0 prior to 7.11.0. It is, therefore, affected by a vulnerability which permits remote attackers who are able to observe or otherwise intercept webho...
Atlassian Jira 7.7.0 < 7.11.0 Broken Jql Filter For Webhooks
According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is version 7.0.x prior to 7.6.7 or 7.7.0 prior to 7.11.0. It is, therefore, affected by a vulnerability which permits remote attackers who are able to observe or otherwise intercept webho...
Atlassian Jira 6.0.0 < 7.2.12 Xss In Printable Searchrequest Issue Resource
According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is version 6.0.x prior to 7.2.12 or 7.4.4 prior to 7.6.1. It is, therefore, affected by a vulnerability which permits remote attackers to inject arbitrary HTML or JavaScript via a cross...
CVE-2021-39127
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to access the query component JQL endpoint via a Broken Access Control (BAC) vulnerability. The affected versions are before version 8.5.10, and from version 8.6.0 before 8.13.1...
PT-2021-22391 · Atlassian · Jira +1
Name of the Vulnerable Software and Affected Versions: Atlassian Jira Server and Data Center versions prior to 8.5.10 Atlassian Jira Server and Data Center versions 8.6.0 through 8.13.1 Description: The issue allows anonymous remote attackers to access the query component JQL endpoint via a Broke...
[SECURITY] Fedora 34 Update: rust-jql-2.9.4-2.fc34
JSON query language CLI tool...
Fedora: Security Advisory for rust-jql (FEDORA-2021-9dc0bd0072)
The remote host is missing an update for the...
CVE-2020-36286
The membersOf JQL search function in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous attackers to determine if a group exists & members of groups if they are assigned to publicly...
Denial of service
The membersOf JQL search function in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous attackers to determine if a group exists & members of groups if they are assigned to publicly...
U.S. Dept Of Defense: CVE 2020 14179 on jira instance
Summary: A remote attacker can view the custom sla fields used in the jira instance and also can use the sla fields to make a jql query. Impact: Information disclosure of the custom sla fields, sensitive information leakage through the jql query parameter. Read more about the impact here:...
Atlassian Jira < 7.13.16 / 8.x < 8.5.7 / 8.6.x < 8.10.2 / 8.11.x < 8.11.1 DoS (JRASERVER-71388)
According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 7.3.16, or is 8.x < 8.5.7, 8.6.x < 8.10.2, or 8.11.x < 8.11.0. It is, therefore, affected by a regex-based denial of service (DoS) vulnerability in JQL version searching. A remote,...
CVE-2020-14177
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to impact the application's availability via a Regex-based Denial of Service (DoS) vulnerability in JQL version searching. The affected versions are before version 7.13.16; from version 7.14.0 before 8.5.7; from versi...
Denial of service
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to impact the application's availability via a Regex-based Denial of Service (DoS) vulnerability in JQL version searching. The affected versions are before version 7.13.16; from version 7.14.0 before 8.5.7; from versi...