-
Public Security Vulnerability
-
Resolution: Fixed
-
Low (View bug fix roadmap)
-
8.18.0, 8.5.17, 8.13.9
-
None
-
4.3
-
Medium
-
CVE-2021-39121
Affected versions of Atlassian Jira Server and Data Center allow authenticated remote attackers to enumerate the keys of private Jira projects via an Information Disclosure vulnerability in the /rest/api/latest/projectvalidate/key endpoint.
The affected versions are before version 8.5.18, from version 8.6.0 before 8.13.10, and from version 8.14.0 before 8.18.2.
*Affected versions:*
- version < 8.5.18
- 8.6.0 ≤ version < 8.13.10
- 8.14.0 ≤ version < 8.18.2
*Fixed versions:*
- 8.5.18
- 8.13.10
- 8.18.2
- mentioned in
-
Page Failed to load
| Form Name | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
Project key enumeration via the /rest/api/latest/projectvalidate/key endpoint - CVE-2021-39121
-
-
Resolution: Fixed
-
Low
-
8.18.0, 8.5.17, 8.13.9
-
None
-
4.3
-
Medium
-
CVE-2021-39121
Affected versions of Atlassian Jira Server and Data Center allow authenticated remote attackers to enumerate the keys of private Jira projects via an Information Disclosure vulnerability in the /rest/api/latest/projectvalidate/key endpoint.
The affected versions are before version 8.5.18, from version 8.6.0 before 8.13.10, and from version 8.14.0 before 8.18.2.
*Affected versions:*
- version < 8.5.18
- 8.6.0 ≤ version < 8.13.10
- 8.14.0 ≤ version < 8.18.2
*Fixed versions:*
- 8.5.18
- 8.13.10
- 8.18.2
- mentioned in
-
Page Loading...
-
Unassigned
-
Security Metrics Bot
- Votes:
-
0 Vote for this issue
- Watchers:
-
1 Start watching this issue
- Created:
- Updated:
- Resolved: