CVE-2020-14167
published 2020-07-01CVE-2020-14167: The MessageBundleResource resource in Jira Server and Data Center before version 7.13.4, from 8.5.0 before 8.5.5, from 8.8.0 before 8.8.2, and from 8.9.0…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
The MessageBundleResource resource in Jira Server and Data Center before version 7.13.4, from 8.5.0 before 8.5.5, from 8.8.0 before 8.8.2, and from 8.9.0 before 8.9.1 allows remote attackers to impact the application's availability via an Denial of Service (DoS) vulnerability.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| atlassian | jira | < 7.13.14 | 7.13.14 |
| atlassian | jira_data_center | >= 8.5.0 < 8.5.5 | 8.5.5 |
| atlassian | jira_data_center | >= 8.8.0 < 8.8.2 | 8.8.2 |
| atlassian | jira_data_center | >= 8.9.0 < 8.9.1 | 8.9.1 |
| atlassian | jira_server | >= 8.5.0 < 8.5.5 | 8.5.5 |
| atlassian | jira_server | >= 8.8.0 < 8.8.2 | 8.8.2 |
| atlassian | jira_server | >= 8.9.0 < 8.9.1 | 8.9.1 |
| atlassian | jira_server_and_data_center | >= 8.5.0 < unspecified | unspecified |
| atlassian | jira_server_and_data_center | >= 8.8.0 < unspecified | unspecified |
| atlassian | jira_server_and_data_center | >= 8.9.0 < unspecified | unspecified |
| atlassian | jira_server_and_data_center | >= unspecified < 7.13.14 | 7.13.14 |
| atlassian | jira_server_and_data_center | >= unspecified < 8.5.5 | 8.5.5 |
| atlassian | jira_server_and_data_center | >= unspecified < 8.8.2 | 8.8.2 |
| atlassian | jira_server_and_data_center | >= unspecified < 8.9.1 | 8.9.1 |
| atlassian | jira_software_data_center | < 7.13.14 | 7.13.14 |