Lucene search
AtlassianCVELIST:CVE-2019-20104HistoryFeb 06, 2020 - 3:10 a.m.
CVE-2019-20104
2020-02-0603:10:24
atlassian
www.cve.org
8
The OpenID client application in Atlassian Crowd before version 3.6.2, and from version 3.7.0 before 3.7.1 allows remote attackers to perform a Denial of Service attack via an XML Entity Expansion vulnerability.
CNA Affected
[
{
"product": "Crowd",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "3.6.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "3.7.0",
"versionType": "custom"
},
{
"lessThan": "3.7.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
atlassian
atlassian
XXE in OpenID client application - CVE-2019-20104
2020-01-23 00:05:49
XXE in OpenID client application - CVE-2019-20104
2020-01-23 00:05:49
prion
prion
Design/Logic Flaw
2020-02-06 03:15:00
nvd
nvd
CVE-2019-20104
2020-02-06 03:15:10
cve
cve
CVE-2019-20104
2020-02-06 03:15:10
nessus
nessus
JFrog < 6.23.0 Multiple Vulnerabilities
2021-03-12 00:00:00
JFrog < 7.10.1 Multiple Vulnerabilities
2020-12-16 00:00:00