Atlassian Confluence 7.19.x < 9.2.13 / 9.3.1 < 10.2.2 (CONFSERVER-102184)
The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-102184 advisory. - This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator...
EUVD-2024-19306
Malicious code in bioql PyPI...
CVE-2023-22508
This High severity RCE (Remote Code Execution) vulnerability known as CVE-2023-22508 was introduced in version 6.1.0 of Confluence Data Center & Server. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.5, allows an authenticated attacker to execute arbitrary code which has high...
PT-2024-7362
Name of the Vulnerable Software and Affected Versions: Spring Framework versions prior to 5.3.41; Spring Framework versions prior to 6.0.25; Spring Framework versions prior to 6.1.14; Confluence Data Center and Server versions 3.0 through 9.1.0; Confluence Data Center and Server version 9.1; Bitbucket...
PT-2024-20044 · S/Notify · S/Notify
Name of the Vulnerable Software and Affected Versions: S/Notify versions prior to 4.0.0 for Confluence. Description: A Cross Site Scripting (XSS) issue exists in the S/MIME certificate upload functionality of the User Profile pages, allowing attackers to manipulate user data via specially crafted...
Vulnerability fixed in Atlassian Confluence
Atlassian has fixed a vulnerability in Confluence. An unauthenticated malicious person could exploit the vulnerability to cause a denial-of-service on the application. Atlassian has released updates to fix the vulnerability in Confluence 8.6.0, 8.5.1 and 7.19.14. For more information, see:...