Products

This resource represents Atlassian products' CVE information. Use it to retrieve information on what particular Atlassian products are affected by various CVEs.

Operations

GET/v1/products

GET

Get product information

Get a list of Atlassian products and associated CVE data. This data includes CVEs that affect each supported product version, the status of the vulnerability, and information on the CVE itself, such as a summary and severity.

Request

Query parameters

products

array<string>

cve_ids

array<CVEID>

version

string

Responses

Returns the current list of Atlassian products and CVE data.

Headers

Cache-Control

string

application/json

GetProductsResponse

GET/v1/products

curl

Node.js

Java

Python

PHP

1
2
3

curl --request GET \
  --url 'https://api.atlassian.com/vuln-transparency/v1/products' \
  --header 'Accept: application/json'

200Response

{
  "products": {
    "Jira Service Management": {
      "versions": {
        "7.8.1": [
          {
            "CVE-2022-36800": "AFFECTED"
          }
        ]
      }
    },
    "Jira": {
      "versions": {
        "1.2.3": [
          {
            "CVE-2021-26079": "FIXED"
          }
        ]
      }
    }
  },
  "cve_metadata": {
    "CVE-2022-36800": {
      "cve_summary": "Isolated permissions bypass in Jira Service Management.",
      "cve_severity": 3.5,
      "atl_tracking_url": "https://jira.atlassian.com/browse/JSDSERVER-11900?jql=issuetype%20%3D%20%22Public%20Security%20Vulnerability%22%20AND%20%22CVE%20ID%22%20~%20%22CVE-2022-36800%22"
    },
    "CVE-2021-26079": {
      "cve_summary": "XSS in Jira Server and Jira Data Center.",
      "cve_severity": 4.7,
      "atl_tracking_url": "https://jira.atlassian.com/browse/JRASERVER-72396?jql=issuetype%20%3D%20%22Public%20Security%20Vulnerability%22%20AND%20%22CVE%20ID%22%20~%20%22CVE-2021-26079%22"
    }
  }
}