DoS (Denial of Service) ua-parser-js Dependency in Jira Service Management Data Center and Server

This High severity DoS Denial of Service vulnerability known as CVE-2022-25927 was introduced in versions 5.17.2, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, and 11.0.0 of Jira Service Management Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Sco...

Atlassian Jira Service Management Data Center and Server 5.12.x < 5.12.28 / 5.13.x < 10.3.10 / 10.4.x < 11.0.1 (JSDSERVER-16408)

The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16408 advisory. - Improper Resource Shutdown or Release vulnerability in Apache Tomcat made Tomcat vulnerable to the...

Injection cipher-base Dependency in Jira Service Management Data Center and Server

This High severity Injection vulnerability was introduced in versions 10.3.0, 11.0.0, 11.1.0, and 11.2.0 of Jira Service Management Data Center and Server. This Injection vulnerability, with a CVSS Score of 7.4 and a CVSS Vector of code:java CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:Hcode allows...

Atlassian Jira Service Management Data Center and Server 10.3.x< 10.3.14 / 11.0.x < 11.3.0 (JSDSERVER-16470)

The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16470 advisory. - ZRender is a lightweight graphic library providing 2d draw for Apache ECharts. In versions prior to...

Prototype Pollution loadash.pick Dependency Vulnerability in Jira Service Management Data Center and Server

This High severity Prototype Pollution vulnerability known as CVE-2020-8203 was introduced in 10.3.0 of Jira Service Management Data Center and Server. This vulnerability with a CVSS Score of 7.4 and a CVSS Vector of CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H allows an unauthenticated attacker ...

Prototype Pollution zrender Dependency in Jira Service Management Data Center and Server

This is a vulnerability in a non-Atlassian Jira Service Management dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity Prototype Pollution vulnerability known as CVE-2022-39227 was introduced in 10.3.0, and 11.0.0 of Jira...

DoS (Denial of Service) minimatch Dependency in Jira Service Management Data Center and Server

This High severity DoS Denial of Service vulnerability known as CVE-2022-3517 was introduced in 10.3.13 of Jira Service Management Data Center and Server. This vulnerability with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an unauthenticated attack...

DoS (Denial of Service) io.netty:netty-codec-http2 Dependency in Jira Software Data Center and Server

This High severity DoS Denial of Service vulnerability known as CVE-2025-55163 was introduced in 9.12.1, 9.12.2, 9.12.3, 9.12.4, 9.12.5, 9.12.6, 9.12.7, 9.12.8, 9.12.9, 9.12.10, 9.12.11, 9.12.12, 9.12.13, 9.12.14, 9.12.15, 9.12.16, 9.12.17, 9.12.18, 9.12.19, 9.12.22, 9.12.23, 9.12.24, 9.12.25,...

CVE-2024-21687

This High severity File Inclusion vulnerability was introduced in versions 9.0.0, 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0 and 9.6.0 of Bamboo Data Center and Server. This File Inclusion vulnerability, with a CVSS Score of 8.1, allows an authenticated attacker to get the application to display the...

DoS (Denial of Service) org.xerial.snappy:snappy-java Dependency in Jira Software Data Center and Server

This High severity org.xerial.snappy:snappy-java Dependency vulnerability was introduced in versions 8.20.0, 8.22.0, 9.0.0, 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0, 9.6.0, 9.7.0, 9.8.0, 9.9.0, 9.10.0, 9.11.0, and 9.12.0 of Jira Software Data Center and Server. This org.xerial.snappy:snappy-java...

Exploit for Improper Input Validation in Atlassian Confluence_Data_Center

RedTeamTool-CVE-2023-22515 – Vulnerability Exploitation Tool...

CVE-2023-22505

This High severity RCE Remote Code Execution vulnerability known as CVE-2023-22505 was introduced in version 8.0.0 of Confluence Data Center & Server. This RCE Remote Code Execution vulnerability, with a CVSS Score of 8, allows an authenticated attacker to execute arbitrary code which has high...