Changed |
CPE Configuration |
OR
*cpe:2.3:a:atlassian:crowd:*:*:*:*:*:*:*:* versions up to (excluding) 3.6.2
*cpe:2.3:a:atlassian:crowd:*:*:*:*:*:*:*:* versions from (including) 3.6.3 up to (excluding) 3.7.1
*cpe:2.3:a:atlassian:crowd:*:*:*:*:*:*:*:* versions from (including) 3.7.2 up to (excluding) 4.0.0
|
OR
*cpe:2.3:a:atlassian:crowd:*:*:*:*:*:*:*:* versions up to (excluding) 3.2.11
*cpe:2.3:a:atlassian:crowd:*:*:*:*:*:*:*:* versions from (including) 3.3.0 up to (excluding) 3.3.8
*cpe:2.3:a:atlassian:crowd:*:*:*:*:*:*:*:* versions from (including) 3.4.0 up to (excluding) 3.4.7
*cpe:2.3:a:atlassian:crowd:*:*:*:*:*:*:*:* versions from (including) 3.5.0 up to (excluding) 3.5.2
*cpe:2.3:a:atlassian:crowd:*:*:*:*:*:*:*:* versions from (including) 3.6.0 up to (excluding) 3.6.2
*cpe:2.3:a:atlassian:crowd:*:*:*:*:*:*:*:* versions from (including) 3.6.3 up to (excluding) 3.7.1
*cpe:2.3:a:atlassian:crowd:*:*:*:*:*:*:*:* versions from (including) 3.7.2 up to (excluding) 4.0.0
|
Changed |
Reference Type |
https://zeroauth.ltd/blog/2020/02/07/cve-2019-20104-atlassian-crowd-openid-client-vulnerable-to-remote-dos-via-xml-entity-expansion/ No Types Assigned
|
https://zeroauth.ltd/blog/2020/02/07/cve-2019-20104-atlassian-crowd-openid-client-vulnerable-to-remote-dos-via-xml-entity-expansion/ Exploit, Technical Description
|