Lucene search
K

310 matches found

Atlassian
Atlassian
added 2026/06/03 2:30 p.m.7 views

Information Disclosure org.apache.tomcat:tomcat-websocket Dependency in Confluence Data Center

This High severity Information Disclosure vulnerability was introduced in versions 6.13.0, 7.4.0, 7.13.0, 7.19.0, 8.5.0, 8.9.0, 9.0.1, 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.1, and 10.2.0 of Confluence Data Center. This Information Disclosure vulnerability, with a CVSS Score of 7.3 and a...

7.3CVSS5.3AI score0.00548EPSS
Exploits0
Atlassian
Atlassian
added 2026/06/02 4:30 p.m.12 views

Injection io.netty:netty-codec-dns Dependency in Confluence Data Center

This is a vulnerability in a non-Atlassian Confluence dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity Injection vulnerability was introduced in versions 7.0.1, 7.4.0, 7.13.0, 7.19.0, 8.5.0, 8.9.0, 9.0.1, 9.1.0, 9.2.0,...

9.1CVSS5.3AI score0.00969EPSS
Exploits1
Atlassian
Atlassian
added 2026/06/02 4:30 p.m.8 views

HTTP Request Smuggling io.netty:netty-codec-http Dependency in Confluence Data Center

This High severity HTTP Request Smuggling vulnerability was introduced in versions 7.0.1, 7.4.0, 7.13.0, 7.19.0, 8.5.0, 8.9.0, 9.0.1, 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.0, and 10.2.0 of Confluence Data Center. This HTTP Request Smuggling vulnerability, with a CVSS Score of 7.5 and a...

7.5CVSS5.2AI score0.00248EPSS
Exploits1
Atlassian
Atlassian
added 2026/06/02 4:30 p.m.9 views

HTTP Request Smuggling io.netty:netty-codec-http Dependency in Confluence Data Center

This is a vulnerability in a non-Atlassian Confluence dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This High severity HTTP Request Smuggling vulnerability was introduced in versions 7.0.1, 7.4.0, 7.13.0, 7.19.0, 8.5.0, 8.9.0, 9.0.1, 9.1.0,...

9.1CVSS5.3AI score0.0075EPSS
Exploits1
Atlassian
Atlassian
added 2026/06/02 4:29 p.m.10 views

Business Logic Vulnerability Apache Tomcat Dependency in Confluence Data Center

This High severity Business Logic vulnerability was introduced in versions 6.13.0, 7.4.0, 7.13.0, 7.19.0, 8.9.0, 9.0.1, 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.0 and 10.2.0 of Confluence Data Center. This Business Logic vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

7.5CVSS5.3AI score0.00467EPSS
Exploits0
Atlassian
Atlassian
added 2026/06/02 4:29 p.m.8 views

DoS (Denial of Service) org.apache.tomcat:tomcat-catalina Dependency in Confluence Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 6.13.0, 7.4.0, 7.13.0, 7.19.0, 8.5.0, 8.9.0, 9.0.1, 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.0, and 10.2.0 of Confluence Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a...

7.5CVSS5.2AI score0.0078EPSS
Exploits0
Atlassian
Atlassian
added 2026/06/02 4:29 p.m.8 views

BASM (Broken Authentication & Session Management) org.apache.tomcat:tomcat-catalina Dependency in Confluence Data Center and Server

This is a vulnerability in a non-Atlassian Confluence dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity BASM Broken Authentication & Session Management vulnerability was introduced in versions 6.13.0, 7.4.0, 7.13.0, 7.19.0,...

9.8CVSS5.3AI score0.01233EPSS
Exploits1
Atlassian
Atlassian
added 2026/06/02 4:29 p.m.12 views

Improper Authorization org.apache.tomcat:tomcat-catalina Dependency in Confluence Data Center

This is a vulnerability in a non-Atlassian Confluence dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity Improper Authorization vulnerability was introduced in versions 6.13.0, 7.4.0, 7.13.0, 7.19.0, 8.5.0, 8.9.0, 9.0.1,...

9.1CVSS5.9AI score0.01136EPSS
Exploits1
Atlassian
Atlassian
added 2026/06/02 4:29 p.m.7 views

Injection org.apache.tomcat:tomcat-coyote Dependency in Confluence Data Center

This is a vulnerability in a non-Atlassian Confluence dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity Injection vulnerability was introduced in versions 6.13.0, 7.4.0, 7.13.0, 7.19.0, 8.5.0, 8.9.0, 9.0.1, 9.1.0, 9.2.0,...

9.8CVSS5.3AI score0.01339EPSS
Exploits0
Atlassian
Atlassian
added 2026/05/22 10:30 p.m.8 views

HTTP Request Smuggling ws Dependency in Confluence Data Center

This High severity HTTP Request Smuggling vulnerability was introduced in versions 9.0.1, 9.2.3, and 9.4.0 of Confluence Data Center. This HTTP Request Smuggling vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N allows an unauthenticated...

7.5CVSS5.2AI score0.00745EPSS
Exploits1
GithubExploit
GithubExploit
added 2026/05/06 1:47 a.m.177 views

Exploit for Expression Language Injection in Atlassian Confluence_Data_Center

CVE-2022-26134 — OGNL Injection in Atlassian Confluence Te...

9.8CVSS8.1AI score0.99999EPSS
Exploits76
Atlassian
Atlassian
added 2026/05/05 10:29 a.m.33 views

DoS (Denial of Service) in Confluence Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 10.1.1 and 10.2.0 of Confluence Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 8.7 and a CVSS Vector of CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N allows an...

8.7CVSS5.7AI score0.00552EPSS
Exploits0
Atlassian
Atlassian
added 2026/05/05 10:29 a.m.28 views

Injection in Confluence Data Center

This High severity Injection vulnerability was introduced in versions 8.9.0, 9.0.1, 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.0, and 10.2.0 of Confluence Data Center. This Injection vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N...

7.5CVSS5.8AI score0.00498EPSS
Exploits0
Atlassian
Atlassian
added 2026/05/05 10:29 a.m.27 views

DoS (Denial of Service) in Confluence Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 8.9.0, 9.0.1, 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.0, and 10.2.0 of Confluence Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

7.5CVSS5.9AI score0.0043EPSS
Exploits0
Atlassian
Atlassian
added 2026/05/05 10:29 a.m.31 views

BASM (Broken Authentication & Session Management) in Confluence Data Center

This is a vulnerability in a non-Atlassian Confluence dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity BASM Broken Authentication & Session Management vulnerability was introduced in versions 9.1.0, 9.2.0, 9.3.1, 9.4.0,...

9.1CVSS5.8AI score0.00715EPSS
Exploits2
Atlassian
Atlassian
added 2026/05/05 10:29 a.m.29 views

Improper Encoding org.apache.tomcat:tomcat-catalina Dependency in Confluence Data Center

This High severity Improper Encoding vulnerability known as CVE-2026-34483 was introduced in versions 8.9.0, 9.0.1, 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.0, and 10.2.0. This Improper Encoding or Escaping of Output vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

7.5CVSS5.8AI score0.00461EPSS
Exploits0
Atlassian
Atlassian
added 2026/05/05 10:29 a.m.27 views

HTTP Request/Response Smuggling Apache Tomcat Dependency in Confluence Data Center

This High severity HTTP Request/Response Smuggling vulnerability was introduced in versions 8.9.0, 9.0.1, 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.0, and 10.2.0 of Confluence Data Center. This HTTP Request/Response Smuggling vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

7.5CVSS5.8AI score0.00453EPSS
Exploits0
Atlassian
Atlassian
added 2026/04/22 8:29 p.m.23 views

Information Disclosure in Confluence Data Center

This High severity Information Disclosure vulnerability was introduced in versions 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.0, and 10.2.0 of Confluence Data Center. This Information Disclosure vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

7.5CVSS5.8AI score0.0504EPSS
Exploits1
Atlassian
Atlassian
added 2026/04/18 4:29 p.m.35 views

Information Disclosure in Confluence Data Center

This High severity Information Disclosure vulnerability was introduced in versions 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.0, and 10.2.0 of Confluence Data Center. This Information Disclosure vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

7.5CVSS5.8AI score0.00447EPSS
Exploits0
Atlassian
Atlassian
added 2026/04/16 6:22 p.m.22 views

RCE (Remote Code Execution) org.yaml:snakeyaml Dependency in Confluence Data Center

This Confluence release includes updates to our org.yaml:snakeyaml dependency in response to CVE-2022-1471. Our security team has assessed that the current scope of this CVE does not present the same critical risk in our products, as our use of the dependency doesn’t support the known path for...

9.8CVSS6.5AI score0.99615EPSS
Exploits7
Rows per page
Query Builder