Uploaded image for project: 'Jira Data Center'
  1. Jira Data Center
  2. JRASERVER-72025

Jira bundles a vulnerable version of atlassian-gadgets - CVE-2020-36232

XMLWordPrintable

    • 5
    • Medium
    • CVE-2020-36232

      The atlassian-gadgets plugin used in affected versions of Atlassian Jira Server and Data Center allows unexpected DNS lookups and requests to malicious servers via server side request forgery vulnerability. 

      The affected versions are before version 8.5.10, from version 8.6.0 before version 8.13.2, and from version 8.14.0 before version 8.14.1.

      Affected versions:

      • version < 8.5.10
      • 8.6.0 ≤ version < 8.13.2
      • 8.14.0 ≤ version < 8.14.1

      Fixed versions:

      • 8.5.10
      • 8.13.2
      • 8.14.1
      • 8.15.0

       See https://ecosystem.atlassian.net/browse/AG-1532 for further details and or below -

      Additional details from https://ecosystem.atlassian.net/browse/AG-1532 -

      The MessageBundleWhiteList class of atlassian-gadgets before version 4.2.37, from version 4.3.0 before 4.3.14, from version 4.3.2.0 before 4.3.2.4, from version 4.4.0 before 4.4.12, and from version 5.0.0 before 5.0.1 allowed unexpected DNS lookups and requests to arbitrary services as it incorrectly obtained application base url information from the executing http request which could be attacker controlled.

      The following versions of atlassian-gadgets are affected:

      • Versions before 4.2.37
      • Versions from 4.3.0 before 4.3.14
      • Versions from 4.3.2.0 before 4.3.2.4
      • Versions from 4.4.0 before 4.4.12
      • Version 5.0.0

              Unassigned Unassigned
              security-metrics-bot Security Metrics Bot
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: