This resource represents Atlassian products' CVE information. Use it to retrieve information on what particular Atlassian products are affected by various CVEs.
Get a list of Atlassian products and associated CVE data. This data includes CVEs that affect each supported product version, the status of the vulnerability, and information on the CVE itself, such as a summary and severity.
array<string>
array<CVEID>
string
Returns the current list of Atlassian products and CVE data.
string
1
2
3
curl --request GET \
--url 'https://api.atlassian.com/vuln-transparency/v1/products' \
--header 'Accept: application/json'
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
{
"products": {
"Jira Service Management": {
"versions": {
"7.8.1": [
{
"CVE-2022-36800": "AFFECTED"
}
]
}
},
"Jira": {
"versions": {
"1.2.3": [
{
"CVE-2021-26079": "FIXED"
}
]
}
}
},
"cve_metadata": {
"CVE-2022-36800": {
"cve_summary": "Isolated permissions bypass in Jira Service Management.",
"cve_severity": 3.5,
"atl_tracking_url": "https://jira.atlassian.com/browse/JSDSERVER-11900?jql=issuetype%20%3D%20%22Public%20Security%20Vulnerability%22%20AND%20%22CVE%20ID%22%20~%20%22CVE-2022-36800%22"
},
"CVE-2021-26079": {
"cve_summary": "XSS in Jira Server and Jira Data Center.",
"cve_severity": 4.7,
"atl_tracking_url": "https://jira.atlassian.com/browse/JRASERVER-72396?jql=issuetype%20%3D%20%22Public%20Security%20Vulnerability%22%20AND%20%22CVE%20ID%22%20~%20%22CVE-2021-26079%22"
}
}
}
Get a list of Atlassian products and versions released after Jan 2021 associated with them
This request has no parameters.
Returns the current list of Atlassian products and associated versions
string
1
2
3
curl --request GET \
--url 'https://api.atlassian.com/vuln-transparency/v1/products/versions' \
--header 'Accept: application/json'
1
2
3
4
5
6
7
8
9
10
11
{
"Confluence Data Center": [
"8.9.1",
"8.9.0",
"8.8.1",
"8.8.0"
],
"JIRA Service Management Data Center": [
"5.15.2"
]
}
Rate this page: