Atlassian Gadgets
Approved changes feed: RSS · Atom
cpe:2.3:a:atlassian:atlassian-gadgets:*:*:*:*:*:atlassian:*:*
part: a version: * update: *
| Vendor | Atlassian (8acde0d4-2b83-5bd8-8d3f-60d59e0b022e) |
|---|---|
| Product | Atlassian Gadgets (7dd11a28-ef4f-5a36-929a-d4bc11271c4e) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | atlassian |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2020-36232 |
vulnerable | 2026-06-03 14:42:33.408375 |
Details available
The MessageBundleWhiteList class of atlassian-gadgets before version 4.2.37, from version 4.3.0 before 4.3.14, from version 4.3.2.0 before 4.3.2.4, from version 4.4.0 before 4.4.12, and from version 5.0.0 before 5.0.1 allowed unexpected DNS lookups and requests to arbitrary services as it incorrectly obtained application base url information from the executing http request which could be attacker controlled.
Published: 2021-02-22T20:46:59.290Z
Updated: 2024-09-17T01:22:10.668Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.